cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Veithen <andreas.veit...@gmail.com>
Subject Re: Latest IBM DeveloperWorks article
Date Wed, 08 Dec 2010 21:45:44 GMT
On Wed, Dec 8, 2010 at 21:15, Dennis Sosnoski <dms@sosnoski.com> wrote:
> On 12/09/2010 08:53 AM, Andreas Veithen wrote:
>> On Wed, Dec 8, 2010 at 14:40, Craig Tataryn <craiger@tataryn.net> wrote:
>>
>>> That's great, his last article was very helpful at my last contract in saving
me from implementing using "Web Services Pack for WAS" (aka Axis)
>>>
>> Interesting statement. Dennis' last articles were all about comparison
>> between CXF, Rampart and Metro. However, although IBM uses Axis2 as
>> the basis for their JAX-WS support in WAS 7.0 and in the Web services
>> feature pack for WAS 6.1, they're not using Rampart at all, but have
>> their own WS-Security implementation...
>>
>
> I haven't worked with WAS myself, but thought that might be the case.
> That's why I qualify my own rankings of the stacks in the latest article
> with " Also, the rankings apply only to the base open source projects;
> commercial stacks based on the open source versions may use their own
> security code and other extensions. You'll need to look at the
> differences between the commercial code and the open source base to see
> which parts of the rankings may apply."
>
> Andreas, why don't you add a comment to the article pointing out that
> the rankings don't apply to WAS for this reason?

I haven't read the entire article yet, but I don't think that you made
any statement that would suggest that the Axis2/Rampart performance
issue is inherited by WAS (in contrast to the misleading comment made
by Craig). Therefore (and because I'm not affiliated with IBM), I
don't see the need for this. What could be interesting though is to
run the performance tests on WAS. I don't know the details, but I
think they are not using WSS4J. I've even seen some WSS related stuff
deep down in their StAX implementation, which suggests that they did
some special optimizations for their implementation. Considering that
there are some performance issues (or better, areas for improvement)
in the encryption/decryption stuff used by WSS4J as well, such a test
may give some interesting results.

>  - Dennis
>

Mime
View raw message